|
3101
|
8.8 |
HIGH
Network
|
-
|
-
|
Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-11171
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3102
|
8.8 |
HIGH
Network
|
-
|
-
|
Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-11173
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3103
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)
|
CWE-416
Use After Free
|
CVE-2026-11262
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3104
|
5.1 |
MEDIUM
Local
|
-
|
-
|
Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. (Ch…
|
CWE-269
Improper Privilege Management
|
CVE-2026-11276
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3105
|
- |
|
-
|
-
|
Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
|
CWE-20
Improper Input Validation
|
CVE-2026-11280
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3106
|
- |
|
-
|
-
|
Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low)
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-11290
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3107
|
- |
|
-
|
-
|
A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio ra…
|
-
|
CVE-2026-7762
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3108
|
- |
|
-
|
-
|
A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio rang…
|
-
|
CVE-2026-7763
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3109
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network.
|
CWE-200
Information Exposure
|
CVE-2026-47655
|
2026-06-5 23:59 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3110
|
6.4 |
MEDIUM
Network
|
-
|
-
|
All versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) when extracting a ZIP archive containing two entries with the same path - the first bei…
|
CWE-29
Path Traversal: '\..\filename'
|
CVE-2026-10732
|
2026-06-5 23:59 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
